minor fix
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/data-catalogue/ckan-util-library@129162 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
3a2ab0b8c1
commit
846b30b24f
|
@ -67,7 +67,7 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
public CKanUtilsImpl(String scope) throws Exception{
|
||||
|
||||
CKanRunningCluster runningInstance = new CKanRunningCluster(scope);
|
||||
|
||||
|
||||
// save information
|
||||
CKAN_DB_URL = runningInstance.getDatabaseHosts().get(0);
|
||||
CKAN_DB_NAME = runningInstance.getDataBaseName();
|
||||
|
@ -78,7 +78,7 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
logger.debug("Plain sys admin token first 3 chars are " + CKAN_TOKEN_SYS.substring(0, 3));
|
||||
CKAN_DB_PORT = runningInstance.getDatabasePorts().get(0);
|
||||
CKAN_CATALOGUE_URL = runningInstance.getDataCatalogueUrl().get(0);
|
||||
|
||||
|
||||
// create connection pool
|
||||
String url = "jdbc:postgresql://" + CKAN_DB_URL + ":" + CKAN_DB_PORT + "/" + CKAN_DB_NAME;
|
||||
ds = new BasicDataSource();
|
||||
|
@ -88,23 +88,23 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
ds.setUrl(url);
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Retrieve connection from the pool
|
||||
* @return
|
||||
* @return a connection available within the pool
|
||||
* @throws SQLException
|
||||
*/
|
||||
private Connection getConnection() throws SQLException{
|
||||
|
||||
|
||||
return ds.getConnection();
|
||||
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getApiKeyFromUsername(String username) {
|
||||
|
||||
logger.debug("Request api key for user = " + username);
|
||||
|
||||
|
||||
// in order to avoid errors, the username is always converted
|
||||
String ckanUsername = UtilMethods.fromUsernameToCKanUsername(username);
|
||||
|
||||
|
@ -179,7 +179,7 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
|
||||
try{
|
||||
List<String> organizationIds = getOrganizationsIds();
|
||||
|
||||
|
||||
// for each org id, check if the user is included
|
||||
for (String orgId : organizationIds) {
|
||||
String query = "SELECT * FROM \"member\" WHERE \"table_id\"=? and \"group_id\"=? and \"table_name\"=? and \"state\"=?;";
|
||||
|
@ -206,31 +206,22 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
public Map<String, List<RolesIntoOrganization>> getGroupsAndRolesByUser(
|
||||
String username, List<RolesIntoOrganization> rolesToMatch) {
|
||||
|
||||
logger.debug("Requested roles the user " + username + " has into his organizations");
|
||||
logger.debug("Requested roles that the user " + username + " has into his organizations");
|
||||
logger.debug("Roles to check are " + rolesToMatch);
|
||||
Map<String, List<RolesIntoOrganization>> toReturn = new HashMap<String, List<RolesIntoOrganization>>();
|
||||
|
||||
// in order to avoid errors, the username is always converted
|
||||
String ckanUsername = UtilMethods.fromUsernameToCKanUsername(username);
|
||||
|
||||
// retrieve the user and if it is a sys_admin, for every organizations that will be created in the map add also
|
||||
// the sys_admin role
|
||||
boolean isSysAdmin = false;
|
||||
if(rolesToMatch.contains(RolesIntoOrganization.SYSADMIN)){
|
||||
// get its key
|
||||
String apiKey = getApiKeyFromUsername(ckanUsername);
|
||||
isSysAdmin = isSysAdmin(ckanUsername, apiKey);
|
||||
}
|
||||
|
||||
try{
|
||||
|
||||
// in order to avoid errors, the username is always converted
|
||||
String ckanUsername = UtilMethods.fromUsernameToCKanUsername(username);
|
||||
|
||||
// get id from the user
|
||||
String userId = getUserIdByUsername(ckanUsername);
|
||||
|
||||
// get the id of all the organizations
|
||||
List<String> organizationIds = getOrganizationsIds();
|
||||
|
||||
// we need to get orgs names
|
||||
|
||||
// we need to get orgs names from the id
|
||||
CkanClient client = new CkanClient(CKAN_CATALOGUE_URL);
|
||||
|
||||
for (String orgId : organizationIds) {
|
||||
|
@ -247,15 +238,12 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
// prepare the data to put into the hashmap
|
||||
List<RolesIntoOrganization> rolesIntoOrg = new ArrayList<RolesIntoOrganization>();
|
||||
|
||||
if(isSysAdmin)
|
||||
rolesIntoOrg.add(RolesIntoOrganization.SYSADMIN);
|
||||
|
||||
while(rs.next()){
|
||||
|
||||
// check
|
||||
String role = rs.getString("capacity");
|
||||
if(rolesToMatch.contains(RolesIntoOrganization.valueOf(role))){
|
||||
rolesIntoOrg.add(RolesIntoOrganization.valueOf(role));
|
||||
if(rolesToMatch.contains(RolesIntoOrganization.valueOf(role.toUpperCase()))){
|
||||
rolesIntoOrg.add(RolesIntoOrganization.valueOf(role.toUpperCase()));
|
||||
logger.debug("User " + ckanUsername + " has role " + role + " into organization with id " + orgId);
|
||||
}
|
||||
}
|
||||
|
@ -265,11 +253,13 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
toReturn.put(orgName, rolesIntoOrg);
|
||||
}
|
||||
}
|
||||
|
||||
return toReturn;
|
||||
}catch(Exception e){
|
||||
logger.error("Unable to analyze user's roles", e);
|
||||
}
|
||||
|
||||
return toReturn;
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -282,11 +272,11 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
|
||||
// in order to avoid errors, the username is always converted
|
||||
String ckanUsername = UtilMethods.fromUsernameToCKanUsername(username);
|
||||
|
||||
|
||||
String userId = null;
|
||||
try{
|
||||
CkanClient client = new CkanClient(CKAN_CATALOGUE_URL);
|
||||
client.getUser(ckanUsername).getId();
|
||||
userId = client.getUser(ckanUsername).getId();
|
||||
logger.debug("User id retrieved for " + ckanUsername + " "+ userId);
|
||||
}catch(Exception e){
|
||||
logger.error("Unable to retrieve user with name " + ckanUsername, e);
|
||||
|
@ -309,7 +299,7 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public List<String> getOrganizationsNames(){
|
||||
|
||||
|
@ -675,46 +665,87 @@ public class CKanUtilsImpl implements CKanUtilsInterface{
|
|||
|
||||
logger.debug("Request for checking if " + username + " into " + organizationName + " has role " + correspondentRoleToCheck);
|
||||
|
||||
if(correspondentRoleToCheck.equals(RolesIntoOrganization.SYSADMIN)){
|
||||
|
||||
logger.debug("SYSADMIN role cannot be created programmatically... The user role will be turned into admin");
|
||||
correspondentRoleToCheck = RolesIntoOrganization.ADMIN;
|
||||
}
|
||||
|
||||
// convert ckan username
|
||||
String ckanUsername = UtilMethods.fromUsernameToCKanUsername(username);
|
||||
|
||||
// we need to use the apis to make this
|
||||
String path = "/api/3/action/organization_member_create";
|
||||
// check if this role is already present in ckan for this user within the organization
|
||||
boolean alreadyPresent = isRoleAlreadySet(ckanUsername, organizationName, correspondentRoleToCheck);
|
||||
|
||||
// Request parameters to be replaced
|
||||
String parameter = "{"
|
||||
+ "\"id\":\"ORGANIZATION_ID_NAME\","
|
||||
+ "\"username\":\"USERNAME_ID_NAME\","
|
||||
+ "\"role\":\"ROLE\""
|
||||
+ "}";
|
||||
if(alreadyPresent)
|
||||
return true; // just return
|
||||
else{
|
||||
|
||||
// replace those values
|
||||
parameter = parameter.replace("ORGANIZATION_ID_NAME", organizationName.toLowerCase());
|
||||
parameter = parameter.replace("USERNAME_ID_NAME", ckanUsername);
|
||||
parameter = parameter.replace("ROLE", correspondentRoleToCheck.toString().toLowerCase());
|
||||
// we need to use the apis to make it
|
||||
String path = "/api/3/action/organization_member_create";
|
||||
|
||||
logger.debug("API request for organization membership is going to be " + parameter);
|
||||
// Request parameters to be replaced
|
||||
String parameter = "{"
|
||||
+ "\"id\":\"ORGANIZATION_ID_NAME\","
|
||||
+ "\"username\":\"USERNAME_ID_NAME\","
|
||||
+ "\"role\":\"ROLE\""
|
||||
+ "}";
|
||||
|
||||
CloseableHttpClient httpClient = HttpClientBuilder.create().build();
|
||||
// replace those values
|
||||
parameter = parameter.replace("ORGANIZATION_ID_NAME", organizationName.toLowerCase());
|
||||
parameter = parameter.replace("USERNAME_ID_NAME", ckanUsername);
|
||||
parameter = parameter.replace("ROLE", correspondentRoleToCheck.toString().toLowerCase());
|
||||
|
||||
try {
|
||||
HttpPost request = new HttpPost(CKAN_CATALOGUE_URL + path);
|
||||
request.addHeader("Authorization", CKAN_TOKEN_SYS); // sys token
|
||||
StringEntity params = new StringEntity(parameter);
|
||||
request.setEntity(params);
|
||||
HttpResponse response = httpClient.execute(request);
|
||||
logger.debug("Response code is " + response.getStatusLine().getStatusCode() + " and response message is " + response.getStatusLine().getReasonPhrase());
|
||||
logger.debug("API request for organization membership is going to be " + parameter);
|
||||
|
||||
return (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK);
|
||||
CloseableHttpClient httpClient = HttpClientBuilder.create().build();
|
||||
|
||||
}catch (Exception ex) {
|
||||
logger.error("Error while trying to change the role for this user ", ex);
|
||||
try {
|
||||
HttpPost request = new HttpPost(CKAN_CATALOGUE_URL + path);
|
||||
request.addHeader("Authorization", CKAN_TOKEN_SYS); // sys token
|
||||
StringEntity params = new StringEntity(parameter);
|
||||
request.setEntity(params);
|
||||
HttpResponse response = httpClient.execute(request);
|
||||
logger.debug("Response code is " + response.getStatusLine().getStatusCode() + " and response message is " + response.getStatusLine().getReasonPhrase());
|
||||
|
||||
return (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK);
|
||||
|
||||
}catch (Exception ex) {
|
||||
logger.error("Error while trying to change the role for this user ", ex);
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the user has this role into the organization with name organizationName
|
||||
* @param ckanUsername
|
||||
* @param organizationName
|
||||
* @param correspondentRoleToCheck
|
||||
* @return true if he has the role, false otherwise
|
||||
*/
|
||||
private boolean isRoleAlreadySet(String ckanUsername,
|
||||
String organizationName,
|
||||
RolesIntoOrganization correspondentRoleToCheck) {
|
||||
|
||||
try{
|
||||
|
||||
// user id
|
||||
String userId = getUserIdByUsername(ckanUsername);
|
||||
|
||||
// get the CkanClient to retrieve the organization id from the name
|
||||
CkanClient client = new CkanClient(CKAN_CATALOGUE_URL);
|
||||
String orgId = client.getOrganization(organizationName).getId();
|
||||
|
||||
String query =
|
||||
"SELECT * FROM \"member\" WHERE \"table_id\"=? and \"group_id\"=? and \"table_name\"=? and \"state\"=? and \"capacity\"=?;";
|
||||
PreparedStatement preparedStatement = getConnection().prepareStatement(query);
|
||||
preparedStatement.setString(1, userId);
|
||||
preparedStatement.setString(2, orgId);
|
||||
preparedStatement.setString(3, "user");
|
||||
preparedStatement.setString(4, State.ACTIVE.toString().toLowerCase());
|
||||
preparedStatement.setString(5, correspondentRoleToCheck.toString().toLowerCase());
|
||||
ResultSet rs = preparedStatement.executeQuery();
|
||||
|
||||
if(rs.next()) // ok, there is this row
|
||||
return true;
|
||||
|
||||
}catch(Exception e){
|
||||
logger.error("Unable to check if this role was already set", e);
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
|
@ -30,14 +30,14 @@ public interface CKanUtilsInterface {
|
|||
public CKanUserWrapper getUserFromApiKey(String apiKey);
|
||||
|
||||
/**
|
||||
* Returns the list of organizations to whom the user belongs.
|
||||
* Returns the list of organizations to whom the user belongs (with any role)
|
||||
* @param username
|
||||
* @return a list of organizations
|
||||
*/
|
||||
public List<CkanOrganization> getOrganizationsByUser(String username);
|
||||
|
||||
/**
|
||||
* Returns the list of organizations' names to whom the user belongs.
|
||||
* Returns the list of organizations' names to whom the user belongs (with any role)
|
||||
* @param username
|
||||
* @return a list of organizations
|
||||
*/
|
||||
|
@ -45,10 +45,10 @@ public interface CKanUtilsInterface {
|
|||
|
||||
/**
|
||||
* Given a username and a list of roles to be matched, find the organizations in which the user has these roles.
|
||||
* If the user is a sysadmin, for every organization in the map, the role will be present as well.
|
||||
* Please note that the role SYSADMIN is infra-organizations, so won't be considered (use the method isSysAdmin(String username, String apiKey))
|
||||
* @param username
|
||||
* @param rolesToMatch
|
||||
* @return
|
||||
* @return a list (orgsName, roles in this organization), null on error
|
||||
*/
|
||||
public Map<String, List<RolesIntoOrganization>> getGroupsAndRolesByUser(String username, List<RolesIntoOrganization> rolesToMatch);
|
||||
|
||||
|
@ -63,13 +63,13 @@ public interface CKanUtilsInterface {
|
|||
* @return the list of licenses' titles
|
||||
*/
|
||||
public List<String> getLicenseTitles();
|
||||
|
||||
|
||||
/**
|
||||
* Retrieve the list of organizations ids
|
||||
* @return
|
||||
*/
|
||||
public List<String> getOrganizationsIds();
|
||||
|
||||
|
||||
/**
|
||||
* Retrieve the list of organizations names
|
||||
* @return
|
||||
|
@ -139,7 +139,7 @@ public interface CKanUtilsInterface {
|
|||
* @return The url of the dataset on success, null otherwise
|
||||
*/
|
||||
public String getUrlFromDatasetIdOrName(String apiKey, String datasetIdOrName);
|
||||
|
||||
|
||||
/**
|
||||
* Check if this user is a sysadmin. The api key is used to authorize this call.
|
||||
* @param username
|
||||
|
|
|
@ -7,6 +7,5 @@ package org.gcube.datacatalogue.ckanutillibrary.models;
|
|||
public enum CkanRolesIntoLiferay {
|
||||
CATALOG_MEMBER,
|
||||
CATALOG_EDITOR,
|
||||
CATALOG_ADMIN,
|
||||
CATALOG_SYSADMIN
|
||||
CATALOG_ADMIN
|
||||
}
|
||||
|
|
|
@ -7,6 +7,5 @@ package org.gcube.datacatalogue.ckanutillibrary.models;
|
|||
public enum RolesIntoOrganization{
|
||||
MEMBER,
|
||||
EDITOR,
|
||||
ADMIN,
|
||||
SYSADMIN
|
||||
ADMIN
|
||||
}
|
Loading…
Reference in New Issue